Features Download
From: Bradley M. Kuhn <bkuhn <at> sfconservancy.org>
Subject: Re: Berkeley DB 6.0 license change to AGPLv3
Newsgroups: gmane.linux.debian.devel.legal
Date: Thursday 4th July 2013 16:23:32 UTC (over 4 years ago)
Ondřej Surý wrote at 06:29 (EDT):
> As far as I understand it – there are some parts in Berkeley DB source
> code which is just BSD licensed (and the copyright holders are those
> mentioned earlier)[1], then there are parts which were under SleepyCat
> license and presumably the copyright holder for those parts is Oracle
> – and those were relicensed to AGPLv3. (There are also mixed
> files[3].)

It's probably a good idea for someone to carefully verify these facts.
The community shouldn't assume Oracle got all this right.

> So, the AGPLv3 just needs to be compatible with 3-clause BSD license,
> which is the case.

...which it is, of course.

David Kalnischkies wrote at 17:43 (EDT) on Wednesday:
>> So, as I see wrong bits a few times in this thread now: a) APT is
>> GPL2+ licensed and will stay that way out of no other choice as I bet
>> its more likely that hell freezes over than that we track down every
>> contributor since 1997 to ask for an agreement for a license change …

If apt is GPLv2-or-later, you don't need copyright holder permission to
move to GPLv3-or-later, which permits you to combine with AGPLv3'd works
like BDB.

>> (yes, we could switch to GPL3+ "for free", but it's not like we
>> would gain anything from it

That's a matter of debate that I was pointing toward.  It's a policy
decision, and I understand fully why it might not be a good policy
decision for Debian for many reasons, including this one:

>>  – beside generating problems for GPL2-only dependees on libapt of
>>  course)

I'm curious, are there many of these?

> On 03/07/13 16:34, Bradley M. Kuhn wrote: [...]
>>> I know that some have complained that compliance with AGPLv3 may
>>> require more work by Debian redistributors.  That is a reasonable
>>> concern, but I think the issue can be mitigated.

MJ Ray wrote at 07:00 (EDT):
>>>>> OK, how?

I'm happy to engage in this discussion in detail if Debian decides to
keep the dependency on the AGPLv3'd library.  It sounds like consensus
might be approached that dropping BDB makes the most sense anyway (in
part for technical reasons anyway), so perhaps it will make this
situation moot.

I haven't spent much time helping people make compliance easy for
AGPLv3 -- even though I have some ideas about it -- simply because it's
(sadly) not much of a real-world problem yet, because so few people use
AGPLv3.  As AGPLv3 gets more popular (which I'd love to see), I'm happy
to devote more volunteer time to this to help Debian and others DTRT.

Keep in mind that AGPLv3 is a young license.  We've spent decades
figuring out the proper ways to make GPLv2 compliance easy.  Newer
licenses need just as long to gain good best practices.  It doesn't make
the new license bad, just new.
Bradley M. Kuhn, Executive Director, Software Freedom Conservancy
CD: 3ms